package com.livi.security.config.security;

import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.web.access.AccessDeniedHandler;
import org.springframework.stereotype.Component;

import com.alibaba.fastjson.JSONObject;
import com.livi.security.model.commom.BaseResponse;
import com.livi.security.model.commom.ResultCode;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;

/**
 * @Description: 权限拒绝处理逻辑
 */
@Component
public class CustomizeAccessDeniedHandler implements AccessDeniedHandler {

	@Override
	public void handle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse,
			AccessDeniedException e) throws IOException, ServletException {
		String res = JSONObject.toJSONString(new BaseResponse<>(false, ResultCode.NO_PERMISSION));// 403，没有权限
		httpServletResponse.setStatus(HttpServletResponse.SC_FORBIDDEN);// 403，没有权限
		httpServletResponse.setContentType("text/json;charset=utf-8");
		httpServletResponse.getWriter().write(res);
	}
}
